ADSC’s cybersecurity research tackles big smart grid problems

Nov 19, 2015 Katie Carr, University of Illinois at Urbana-Champaign

To solve many problems in life, one must often first think like the opposition, anticipate their moves, and then create a strategy to defend against them. That’s exactly what cybersecurity researchers at ADSC are doing.

One important aspect of securing the smart grid is determining how an attacker can destabilize grid control systems and demand response systems, such as real-time pricing for utility customers.

With real-time pricing, consumers are provided the actual cost of electricity at any given time, a concept that is gaining popularity in the United States and Singapore. For example, utility companies in Illinois, such as ComEd and Ameren Illinois, are now legally required to provide a real-time pricing option to customers. There is also a new pilot project in Singapore that deploys an advanced metering infrastructure, which would support the implementation of real-time pricing in homes. While customers could benefit from cheaper electric bills, these advances require modern communication infrastructures reaching each customer, and those infrastructures are susceptible to cyber attacks.

One way Tan and his team seek to understand the smart grid is to consider how an outside attacker would try to destabilize the control system, which could affect energy transmission. Recently, Tan, along with Krishna, Yau and Kalbarczyk, studied how attacks could affect real-time pricing systems under a general control-theoretic formulation in the smart grid.

“The attacker may hack into the backbone communication system and change the price signals disseminated to the customers’ smart meters,” Tan said.

An attacker can also take indirect approaches that are less labor-intensive, such as compromising clock synchronization services in the real-time pricing system, which could delay the delivery of price information.

The team focused on analyzing the stability of the real-time pricing market when price information transmitted over communications networks is compromised.

“For example, we can show that if the pricing system can make sure that over half of their customers receive the correct price information in real-time, it doesn’t matter how much price information delivery delay is introduced by the attacker for the rest of the customers. The market is always stable if half receive the correct information,” Tan said.

Tan and his team also studied how attackers could affect power grid frequency by compromising sensor readings.

“The grid frequency is very sensitive,” Tan said. “If you can move the frequency by just three Hz, the system can run into a serious situation. The generator would be tripped, transformers could be destroyed and it could cause massive blackouts.”

The team developed algorithms from the perspective of the attacker to find the most effective way to launch an attack. Based on those results, they were able to develop a fast detection algorithm that allows the defenders to recognize the attacks that inject false readings into the system and identify when the system frequency deviates from normal values.

The solution is unique because it assumes a strong threat model, meaning the attacker knows the details of the grid very well, as opposed to an attacker who injects random errors with no real knowledge of the system. In addition, the team worked to precisely quantify the physical impact of the attack and analyze the maximum damage the attacker could do to the grid.

“New countermeasures with a good understanding about the physics of the grid must be developed to harden and secure the smart grid systems,” Tan said.

Currently, the researchers are beginning work with software-defined networking (SDN) for power grids. SDN is a method to make networks more agile and flexible, allowing for quick responses from a centralized console that controls many aspects of the network. While this technology has been applied in data centers, such as Google’s, Tan thinks his team is among the pioneering groups to study how to apply SDN to cyber-physical systems such as power grids.

“SDN’s unprecedented features provide new ways to achieve resilient smart grids,” Tan said. “However, it’s still unclear how to leverage these features to improve the functional performance and reliability and security of smart grid communications and how to manage its disadvantages, like single-point failure risk due to its centralized network control.”

The researchers, who have varied expertise in areas like control, networking and security, will work together to create a solution. The team is also developing a hardware testbed, composed of real SDN switches and different servers and hosts, which will form a network for smart grid resilience. They will use the testbed to validate their findings and solutions.

“The key feature of SDN is the centralized controller and because of that there is centralized risk,” Tan said. “If the controller is compromised and sends malicious messages, it could end badly for the system.”

The group will consider how to jointly control the physical and networking systems to balance the conflicting goals of functional performance with the reliability and security of smart grids.